Virtual, NC, USA
6 days ago
Senior Analyst - Third-Party Risk Management
iHeartMedia

                                                                             

Current employees and contingent workers click here to apply and search by the Job Posting Title.

                                                                             

The audio revolution is here – and iHeart is leading it!  iHeartMedia, the number one audio company in America, reaches 90% of Americans every month -- a monthly audience that’s twice the size of any other audio company – almost three times the size of the largest TV network – and almost 4 times the size of the largest ad-supported music streaming service.  In fact, we have:

More #1 rated markets than the next two largest radio companies combined;

We’re the largest podcast publisher, with more monthly downloads than the second- and third-largest podcast publishers combined. Podcasting, the fastest-growing new media, today has more monthly users than streaming music services or Netflix;

iHeart is the home of many of the country’s most popular and trusted on-air personalities and podcast influencers, who build important connections with hundreds of communities across America;

We create and produce some of the most popular and well-known branded live music events in America, including the iHeartRadio Music Festival, the iHeartRadio Music Awards, the iHeartCountry Festival, iHeartRadio Fiesta Latina and the iHeartRadio Jingle Ball Tour;

iHeartRadio is the #1 streaming radio digital service in America;

Our social media footprint is 7 times larger than the next largest audio service; and

We have the only complete audio ad technology stack in the industry for all forms of audio, from on demand to broadcast radio, digital streaming radio and podcasting, which bring data, targeting and attribution to all forms of audio at an unparalleled scale.  As a result, we’re able to combine our strong leadership position in audience reach, usage and ad tech with powerful tools and insights for our sales organizations to help them build success for their clients at a more efficient cost than any other option. 

Because we reach almost every community in America, we’re committed to providing a range of programming that reflects the diversity of the many communities we serve – and our company reflects that same kind of diversity.  Our company values stress collaboration, curiosity, welcoming dissent, accepting mistakes in the pursuit of new ideas, and respect for everyone.

Only one company in America has the #1 position in everything audio: iHeartMedia!

If you’re excited about this role but don’t feel your experience aligns perfectly with the job description, we encourage you to apply anyway.  At iHeartMedia we are dedicated to building a diverse, inclusive, and authentic workplace and are looking for teammates passionate about what we do!

                                                                             

What We Need:

The Senior Analyst will play a strategic role in overseeing the organization's Third-Party Risk Management (TPRM) program. This senior-level position is responsible for conducting and managing comprehensive risk assessments, establishing, and maintaining risk frameworks, and ensuring that third-party vendors comply with security, legal, and regulatory requirements. The role involves leading cross-functional teams in identifying, assessing, and mitigating risks across various business processes, ensuring alignment with industry standards and regulations.

                                                                             

What You'll Do:

Responsibilities 

Oversee Third Party Risk Management (TPRM): Lead the TPRM program by conducting thorough assessments of third-party vendors and service providers, ensuring they meet the organization’s security and compliance standards, and tracking their risk posture over time.Collaboration with Internal Teams: Partner with internal teams such as IT, Legal, Procurement, Privacy and Information Security to ensure risks are identified, reported, and mitigated, and that third-party relationships are aligned with corporate governance policiesVendor Risk Management: Perform in-depth reviews of third-party vendor contracts, service level agreements (SLAs), and compliance documentation to ensure risk mitigation strategies are in place, including proper data protection, disaster recovery, and security control measures.Policy and Governance Development: Lead the creation and refinement of policies, procedures, and standards for TPRM and enterprise risk management to ensure they are up to date with industry best practices and regulatory requirements (e.g., SOX, HIPAA, GDPR, CCPA).Lead Third-party risk assessments and monitoring.TPRM Risk monitoring and status tracking.Collaboration on risk mitigation strategies.Regular reporting and risk analytics.Risk assessments for new and/or existing 3rd parties vendors projects and initiatives.Lead any inbound assessments

Skill and Knowledge Requirements

Core Skills

Acts responsibly with sensitive and confidential informationIs creative and resourceful as a problem solverConsistently demonstrates the drive to deliver successfully even under difficult timelinesHas strong analytical, methodical, investigative and auditing skillsKnows when to make practical rational decisions that reduce risk to iHM information and Information systemsGood written and verbal communications skillsGood technical writing skillsA critical logical thinker who is efficient and methodical

Technical Skills

Background in a security governance model such as NIST, ISO, and PCI.Experience in developing cybersecurity policies and proceduresFamiliarity with risk management frameworks.Familiarity with Asset ManagementAble to define and understand various lines of business and the relationship to cybersecurity roles, responsibilities, and risk management decisions.Familiarity with access control management and strategiesAble to manage vulnerability remediation through use of mitigation strategiesFamiliarity with security control assessments and proceduresAbility to perform audits of systems, software, and security controlsFamiliarity with administering a corporate security awareness training programExperience with vetting vendors and vendor management Familiarity with legal and regulatory compliance requirements.

                                                                             

What You'll Need:

                                                                             

What You'll Bring:

Respect for others and a strong belief that others should do this in return

Full proficiency and understanding of job function

Ability to work independently with minimal guidance

In-depth knowledge of key business drivers and how this impacts your team

Experience in team and project management for mid-sized projects

Ability to recognize and mitigate risk

Confidence to solve complex problems using multiple sources of information

Growth mindset and desire for continued knowledge sharing and learning

Understanding of impact of your own decisions

Ability to identify new opportunities for continued improvement across business

Comfort acting as a trusted advisor for colleagues with less experience

Ability to manage complex and confidential information and to influence others to build consensus across all levels

Compensation:

Salary to be determined by multiple factors including but not limited to relevant experience, knowledge, skills, other job-related qualifications, and alignment with market data.

$72,000 - $90,000

                                                                             

Location:

VIRTUAL, NC

                                                                             

Position Type:                                                                                             

Regular

                                                                             

Time Type:

Full time

                                                                                 

Pay Type:

Salaried

                                                                                 

Benefits:

iHeartMedia’s benefits offering is flexible and offers a variety of choices to meet the diverse needs of our changing workforce, including the following:

Employer sponsored medical, dental and vision with a variety of coverage options

Company provided and supplemental life insurance

Paid vacation and sick time

Paid company holidays, including a floating holiday that enable our employees to celebrate the holiday of their choosing

A Spirit day to encourage and allow our employees to more easily volunteer in their community

A 401K plan

Employee Assistance Program (EAP) at no cost – services include telephonic counseling sessions, consultation on legal and financial matters, emotional well-being, family and caregiving

​A range of additional voluntary programs, such as spending accounts, student loan refinancing, accident insurance and more!

                                                                             

We are accepting applications for this role on an ongoing basis.

The Company is an equal opportunity employer and will not tolerate discrimination in employment on the basis of race, color, age, sex, sexual orientation, gender identity or expression, religion, disability, ethnicity, national origin, marital status, protected veteran status, genetic information, or any other legally protected classification or status.

Non-Compete will be required for certain positions and as allowed by law.

Our organization participates in E-Verify.  Click here to learn about E-Verify.

Confirm your E-mail: Send Email